Properties

Index

The index of the object, starting at 1. (Identifier)

Name

Specifies a symbolic name for the rule. (Optional)

Action

Reject, Drop, FwdFast, Allow, NAT, SAT or SLB_SAT.

SourceInterface

Specifies the name of the receiving interface to be compared to the received packet.

DestinationInterface

Specifies the destination interface to be compared to the received packet.

SourceNetwork

Specifies the sender span of IP addresses to be compared to the received packet.

DestinationNetwork

Specifies the span of IP addresses to be compared to the destination IP of the received packet.

SourceUserGroup

Specifies the User Group object, with username or group, that the source must be a part of. (Optional)

DestinationUserGroup

Specifies the User Group object, with username or group, that the destination must be a part of. (Optional)

Service

Specifies a service that will be used as a filter parameter when matching traffic with this rule.

Schedule

By adding a schedule to a rule, the firewall will only allow that rule to trigger at those designated times. (Optional)

NATAction

Specify sender address or Use interface address. (Default: UseInterfaceAddress)

NATSenderAddress

Specifies which sender address will be used.

NATPool

Specifies the NATPool object to use.

SATTranslate

Specifies whether to translate source IP or destination IP. (Default: DestinationIP)

SATTranslateToIP

Translate to this IP address.

SATTranslateToPort

Translate to this port. (Optional)

SATAllToOne

Rewrite all destination IPs to a single IP. (Default: No)

SLBAddresses

The IP addresses of the servers in the server farm.

SLBStickiness

Specifies stickiness mode. (Default: None)

SLBIdleTimeOut

New connections that arrive within the idle timeout are assigned to the same real server as previous connections from that address. The timeout is refreshed after each new connection. (Default: 30)

SLBMaxSlots

Specifies maximum number of slots for IP and network stickiness. (Default: 2048)

SLBNetSize

Specifies network size for network stickiness. (Default: 24)

SLBNewPort

Rewrite destination port to this port. (Optional)

SLBMonitorRoutingTable

Routing table used for server monitoring. (Default: main)

SLBMonitorPing

Enable monitoring using ICMP Ping packets. (Default: No)

SLBPingPollingInterval

Delay in milliseconds between each ping interval. (Default: 5000)

SLBPingSamples

Specifies the number of attempts to use for statistical calculations. (Default: 10)

SLBPingMaxPollFails

Specifies the maximum number of failed ping attempts until host is considered to be unreachable. (Default: 2)

SLBPingMaxAverageLatency

Specifies the max average latency for the sample attempts. (Default: 800)

SLBMonitorTCP

Enable monitoring using TCP handshakes. (Default: No)

SLBTCPPorts

Specifies the ports that will be monitored.

SLBTCPPollingInterval

Delay in milliseconds between each TCP handshake. (Default: 10000)

SLBTCPSamples

Specifies the number of attempts to use for statistical calculations. (Default: 10)

SLBTCPMaxPollFails

Specifies the maximum number of failed TCP attempts until host is considered to be unreachable. (Default: 2)

SLBTCPMaxAverageLatency

Specifies the max average latency for the sample attempts. (Default: 800)

SLBMonitorHTTP

Enable monitoring using HTTP requests. (Default: No)

SLBHTTPPorts

Specifies the ports that will be monitored. (Default: 80)

SLBHTTPPollingInterval

Delay in milliseconds between each monitor interval. (Default: 10000)

SLBHTTPSamples

Specifies the number of attempts to use for statistical calculations. (Default: 10)

SLBHTTPMaxPollFails

Specifies the maximum number of failed HTTP attempts until host is considered to be unreachable. (Default: 2)

SLBHTTPMaxAverageLatency

Specifies the max average latency for the sample attempts. (Default: 800)

SLBHTTPURLType

Defines how the request URL should be interpreted. (Default: FQDN)

SLBHTTPRequestURL

Specifies the HTTP URL to monitor.

SLBHTTPExpectedResponse

Expected HTTP response. (Optional)

SLBMonitorReset

Reset active connections when monitor fail. Uses additional resources to track all connections. (Default: No)

SLBDistribution

Specifies the algorithm used for the load distribution tasks. (Default: RoundRobin)

SLBWindowTime

Specifies the window time used for counting the number of seconds back in time to summarize the number of new connections for connection-rate algorithm. (Default: 10)

SLBServerId

Identifier used when uploading server state.

RequireIGMP

Multicast traffic must have been requested using IGMP before it is forwarded. (Default: Yes)

MultiplexArgument

Specifies how the traffic should be forwarded and translated.

MultiplexAllToOne

Rewrite all destination IPs to a single IP. (Default: No)

AppControl

Application Control. (Default: No)

AC_RuleSet

Selects preconfigured Application Rule.

Attribute

Special Attribute of the current object. (Optional)

LogEnabled

Enable logging. (Default: Yes)

LogSeverity

Specifies with what severity log events will be sent to the specified log receivers. (Default: Default)

Comments

Text describing the current object. (Optional)